package org.rhq.modules.plugins.wildfly10;

import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import org.apache.http.conn.scheme.PlainSocketFactory;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.conn.ssl.TrustStrategy;
import org.apache.http.conn.ssl.X509HostnameVerifier;
import org.rhq.modules.plugins.wildfly10.util.SecurityUtil;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/rhq/modules/plugins/wildfly10/SchemeRegistryBuilder.class */
public class SchemeRegistryBuilder {
    private static final TrustSelfSignedStrategy TRUST_SELF_SIGNED_STRATEGY = new TrustSelfSignedStrategy();
    private static final TrustAnyStrategy TRUST_ANY_STRATEGY = new TrustAnyStrategy();
    private final ASConnectionParams asConnectionParams;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/rhq/modules/plugins/wildfly10/SchemeRegistryBuilder$TrustAnyStrategy.class */
    public static class TrustAnyStrategy implements TrustStrategy {
        private TrustAnyStrategy() {
        }

        @Override // org.apache.http.conn.ssl.TrustStrategy
        public boolean isTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            return true;
        }
    }

    public SchemeRegistryBuilder(ASConnectionParams aSConnectionParams) {
        this.asConnectionParams = aSConnectionParams;
    }

    public SchemeRegistry buildSchemeRegistry() {
        SchemeRegistry schemeRegistry = new SchemeRegistry();
        if (this.asConnectionParams.isSecure()) {
            try {
                KeyStore keyStore = null;
                if (this.asConnectionParams.getTruststore() != null) {
                    keyStore = SecurityUtil.loadKeystore(this.asConnectionParams.getTruststoreType(), this.asConnectionParams.getTruststore(), this.asConnectionParams.getTruststorePassword());
                }
                KeyStore keyStore2 = null;
                String str = null;
                if (this.asConnectionParams.isClientcertAuthentication()) {
                    if (this.asConnectionParams.getKeystore() == null) {
                        keyStore2 = SecurityUtil.loadKeystore(System.getProperty("javax.net.ssl.keyStoreType", KeyStore.getDefaultType()), System.getProperty("javax.net.ssl.keyStore"), System.getProperty("javax.net.ssl.keyStorePassword"));
                    } else {
                        keyStore2 = SecurityUtil.loadKeystore(this.asConnectionParams.getKeystoreType(), this.asConnectionParams.getKeystore(), this.asConnectionParams.getKeystorePassword());
                        str = this.asConnectionParams.getKeyPassword();
                    }
                }
                schemeRegistry.register(new Scheme(ASConnection.HTTPS_SCHEME, this.asConnectionParams.getPort(), new SSLSocketFactory(null, keyStore2, str, keyStore, null, getTrustStrategy(), getHostnameVerifier())));
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        } else {
            schemeRegistry.register(new Scheme("http", this.asConnectionParams.getPort(), PlainSocketFactory.getSocketFactory()));
        }
        return schemeRegistry;
    }

    private TrustStrategy getTrustStrategy() {
        switch (this.asConnectionParams.getTrustStrategy()) {
            case TRUST_SELFSIGNED:
                return TRUST_SELF_SIGNED_STRATEGY;
            case TRUST_ANY:
                return TRUST_ANY_STRATEGY;
            case STANDARD:
                return null;
            default:
                throw new UnsupportedOperationException(this.asConnectionParams.getTrustStrategy().name);
        }
    }

    private X509HostnameVerifier getHostnameVerifier() {
        switch (this.asConnectionParams.getHostnameVerification()) {
            case STRICT:
                return SSLSocketFactory.STRICT_HOSTNAME_VERIFIER;
            case BROWSER_COMPATIBLE:
                return SSLSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER;
            case SKIP:
                return SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
            default:
                throw new UnsupportedOperationException(this.asConnectionParams.getHostnameVerification().name);
        }
    }
}
